Skip to content

IBM Security Verify generation #409

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Draft
sabre1041 wants to merge 1 commit into
base: main
Choose a base branch
from
Draft

IBM Security Verify generation #409

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
45 changes: 45 additions & 0 deletions api/v1alpha1/zz_generated.deepcopy.go
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

93 changes: 45 additions & 48 deletions config/crd/bases/redhatcop.redhat.io_groupsyncs.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -337,6 +337,51 @@ spec:
required:
- credentialsSecret
type: object
ibmsecurityverify:
description: IbmSecurityVerify represents the IBM Security Verify provider
properties:
credentialsSecret:
description: CredentialsSecret is a reference to a secret containing authentication details for the IBM Security Verify server
properties:
key:
description: Key represents the specific key to reference from the resource
type: string
kind:
default: Secret
description: Kind is a string value representing the resource type
enum:
- ConfigMap
- Secret
type: string
name:
description: Name represents the name of the resource
type: string
namespace:
description: Namespace represents the namespace containing the resource
type: string
required:
- name
- namespace
type: object
groups:
description: Groups is the list of ISV groups to synchronize
items:
properties:
id:
description: The ID of the group as defined in IBM Security Verify. This value can be found by using the API.
type: string
name:
description: The display name of the group as defined in IBM Security Verify
type: string
type: object
type: array
tenantUrl:
description: TenantURL is the location of the IBM Security Verify tenant
type: string
required:
- credentialsSecret
- tenantUrl
type: object
keycloak:
description: Keycloak represents the Keycloak provider
properties:
Expand Down Expand Up @@ -440,54 +485,6 @@ spec:
- realm
- url
type: object
ibmsecurityverify:
description: The IBM Security Verify (ISV) provider
properties:
credentialsSecret:
description: CredentialsSecret is a reference to a secret containing authentication details for the ISV server
properties:
key:
description: Key represents the specific key to reference from the resource
type: string
kind:
default: Secret
description: Kind is a string value representing the resource type
enum:
- ConfigMap
- Secret
type: string
name:
description: Name represents the name of the resource
type: string
namespace:
description: Namespace represents the namespace containing the resource
type: string
required:
- name
- namespace
type: object
groups:
description: The ISV groups to synchronize
type: array
items:
type: object
properties:
name:
description: Name of the ISV group
type: string
id:
description: ID of the ISV group
type: string
required:
- id
tenantUrl:
description: URL for the ISV server of the tenant
type: string
required:
- credentialsSecret
- tenantUrl
- groups
type: object
ldap:
description: Ldap represents the LDAP provider
properties:
Expand Down
53 changes: 52 additions & 1 deletion config/manifests/bases/group-sync-operator.clusterserviceversion.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -398,6 +398,57 @@ spec:
path: providers[0].gitlab.url
x-descriptors:
- urn:alm:descriptor:com.tectonic.ui:text
- description: IbmSecurityVerify represents the IBM Security Verify provider
displayName: IBM Security Verify
path: providers[0].ibmsecurityverify
- description: CredentialsSecret is a reference to a secret containing authentication
details for the IBM Security Verify server
displayName: Secret Containing the Credentials
path: providers[0].ibmsecurityverify.credentialsSecret
x-descriptors:
- urn:alm:descriptor:io.kubernetes:Secret
- description: Key represents the specific key to reference from the resource
displayName: Key
path: providers[0].ibmsecurityverify.credentialsSecret.key
x-descriptors:
- urn:alm:descriptor:com.tectonic.ui:text
- description: Kind is a string value representing the resource type
displayName: Kind
path: providers[0].ibmsecurityverify.credentialsSecret.kind
x-descriptors:
- urn:alm:descriptor:com.tectonic.ui:select:ConfigMap
- urn:alm:descriptor:com.tectonic.ui:select:Secret
- description: Name represents the name of the resource
displayName: Name
path: providers[0].ibmsecurityverify.credentialsSecret.name
x-descriptors:
- urn:alm:descriptor:com.tectonic.ui:text
- description: Namespace represents the namespace containing the resource
displayName: Namespace
path: providers[0].ibmsecurityverify.credentialsSecret.namespace
x-descriptors:
- urn:alm:descriptor:com.tectonic.ui:text
- description: Groups is the list of ISV groups to synchronize
displayName: Groups to Synchronize
path: providers[0].ibmsecurityverify.groups
x-descriptors:
- urn:alm:descriptor:com.tectonic.ui:text
- description: The ID of the group as defined in IBM Security Verify. This value
can be found by using the API.
displayName: Id
path: providers[0].ibmsecurityverify.groups[0].id
x-descriptors:
- urn:alm:descriptor:com.tectonic.ui:text
- description: The display name of the group as defined in IBM Security Verify
displayName: Name
path: providers[0].ibmsecurityverify.groups[0].name
x-descriptors:
- urn:alm:descriptor:com.tectonic.ui:text
- description: TenantURL is the location of the IBM Security Verify tenant
displayName: Tenant URL
path: providers[0].ibmsecurityverify.tenantUrl
x-descriptors:
- urn:alm:descriptor:com.tectonic.ui:text
- description: Keycloak represents the Keycloak provider
displayName: Keycloak Provider
path: providers[0].keycloak
Expand Down Expand Up @@ -1163,7 +1214,7 @@ spec:
```shell
oc create secret generic okta-api-token --from-literal=okta-api-token=<OKTA_API_TOKEN> -n group-sync-operator
```

### IBM Security Verify

Groups defined in [IBM Security Verify](https://help.okta.com/en/prod/Content/Topics/users-groups-profiles/usgp-main.htm) (ISV) can be synchronized into OpenShift. Currently only the `userName` field from ISV will be synchronized. The developer docs for the ISV API can be found [here](https://docs.verify.ibm.com/verify/page/api-documentation).
Expand Down